Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xT9F3TI4Mx9iNcY_OPXattqm9Wg.roa
File: xT9F3TI4Mx9iNcY_OPXattqm9Wg.roa (raw, json)
Hash identifier: vQoEdKGbejJQqUWM/wXiS1GYigfmgmJsJS/yY38mL3I=
Subject key identifier: C5:3F:45:DD:32:38:33:1F:62:35:C6:3F:38:F5:DA:B6:DA:A6:F5:68
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867E6CAEE48F973FC98B0013AB00B24C6A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xT9F3TI4Mx9iNcY_OPXattqm9Wg.roa
Signing time: Thu 23 Feb 2023 13:18:17 +0000
ROA not before: Thu 23 Feb 2023 13:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:6c:ae:e4:8f:97:3f:c9:8b:00:13:ab:00:b2:4c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 13:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53f45dd3238331f6235c63f38f5dab6daa6f568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d6:c7:42:6b:d7:70:71:6a:82:e7:04:40:40:
a0:09:82:a3:71:37:68:c7:fe:e1:f8:f6:5a:00:47:
f4:19:65:15:80:ce:60:ae:07:f2:a3:87:6d:ea:61:
0a:43:8d:9e:ef:14:03:d8:b7:ab:84:6f:02:88:e9:
b0:cc:74:bb:e8:bd:5e:7d:6a:e9:4e:dc:11:7e:02:
df:74:5d:40:3a:ac:23:f1:89:7f:1b:22:5e:0f:4a:
37:c0:da:4b:50:76:ca:b6:ce:1b:55:d5:a7:9a:d6:
40:6e:5f:e9:fe:6b:15:ba:a2:2f:8b:68:0d:79:40:
d2:a1:e4:ac:d2:cd:2c:62:f6:7a:50:9d:fb:f1:b2:
0f:de:f0:54:40:d5:2d:d9:fb:7d:cb:0e:8c:7e:e5:
81:06:c4:d4:ff:45:80:dc:2b:34:3a:09:d0:58:44:
07:7e:71:cb:db:74:b7:59:c2:dd:fd:de:fa:19:9d:
5e:fc:2f:1c:4f:4f:87:45:07:f6:ec:c2:49:70:9c:
ac:08:1b:a0:bd:c3:88:f9:5d:0d:94:f5:2a:70:7c:
0b:b0:79:6b:54:09:3d:df:ea:2d:1f:26:04:c6:8a:
51:ea:55:fb:ae:12:44:66:a4:96:bb:3d:dc:66:b3:
28:84:52:af:4d:e3:45:28:25:b1:70:5f:84:0b:b8:
e0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3F:45:DD:32:38:33:1F:62:35:C6:3F:38:F5:DA:B6:DA:A6:F5:68
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/xT9F3TI4Mx9iNcY_OPXattqm9Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:ec:3b:fe:c2:c3:bc:3e:30:b4:e0:ce:db:a1:01:1f:c7:82:
59:73:b5:d0:98:e4:01:2e:5d:c9:92:58:6b:18:93:47:2a:42:
1c:bd:fc:20:bf:7d:0a:29:e2:ca:e8:98:4e:fe:49:50:c1:f0:
cf:1f:2a:ea:ae:18:9e:00:40:ed:3b:68:be:0a:a7:84:de:f7:
5d:39:ac:74:3a:c3:2b:9a:55:bf:b6:b3:aa:53:13:f9:12:60:
fd:09:08:91:95:17:5a:9d:04:04:09:8f:d3:61:3c:b1:66:22:
f8:0d:c9:13:ed:ad:ef:a3:6a:d1:27:66:36:ec:b3:4d:28:b5:
c0:b0:a2:57:d3:5d:60:6c:9f:25:4d:14:00:c6:b3:aa:23:c6:
08:fa:bd:73:55:9d:e1:15:b1:d7:5d:64:ad:76:fa:f0:13:16:
58:9a:45:05:7a:e5:11:87:46:02:01:b8:5b:2d:ed:a4:32:e1:
3e:59:9d:3a:e8:a0:40:c1:bd:53:55:4c:75:15:01:10:fa:e6:
77:eb:cf:9e:9f:cb:95:0a:07:69:40:d0:21:d2:57:2e:4f:6c:
44:db:c0:d2:4e:de:b0:69:60:4e:a1:c1:aa:a4:44:6c:2a:37:
0f:dc:93:8b:5b:be:f4:ca:bf:99:38:2a:ee:5a:93:27:b8:e3:
c1:af:02:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ+bK7kj5c/yYsAE6sAskxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMTMxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNmNDVkZDMyMzgzMzFmNjIzNWM2M2YzOGY1ZGFiNmRhYTZmNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldbHQmvXcHFqgucEQECgCYKjcTdo
x/7h+PZaAEf0GWUVgM5grgfyo4dt6mEKQ42e7xQD2LerhG8CiOmwzHS76L1efWrp
TtwRfgLfdF1AOqwj8Yl/GyJeD0o3wNpLUHbKts4bVdWnmtZAbl/p/msVuqIvi2gN
eUDSoeSs0s0sYvZ6UJ378bIP3vBUQNUt2ft9yw6MfuWBBsTU/0WA3Cs0OgnQWEQH
fnHL23S3WcLd/d76GZ1e/C8cT0+HRQf27MJJcJysCBugvcOI+V0NlPUqcHwLsHlr
VAk93+otHyYExopR6lX7rhJEZqSWuz3cZrMohFKvTeNFKCWxcF+EC7jgIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMU/Rd0yODMfYjXGPzj12rbapvVoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveFQ5RjNUSTRNeDlpTmNZX09QWGF0dHFtOVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABDsO/7Cw7w+MLTgztuh
AR/HgllztdCY5AEuXcmSWGsYk0cqQhy9/CC/fQop4sromE7+SVDB8M8fKuquGJ4A
QO07aL4Kp4Te9105rHQ6wyuaVb+2s6pTE/kSYP0JCJGVF1qdBAQJj9NhPLFmIvgN
yRPtre+jatEnZjbss00otcCwolfTXWBsnyVNFADGs6ojxgj6vXNVneEVsdddZK12
+vATFliaRQV65RGHRgIBuFst7aQy4T5ZnTrooEDBvVNVTHUVARD65nfrz56fy5UK
B2lA0CHSVy5PbETbwNJO3rBpYE6hwaqkRGwqNw/ck4tbvvTKv5k4Ku5akye448Gv
Am8=
-----END CERTIFICATE-----
Generated at Fri May 2 07:44:48 2025 by rpki-client